Info: (coreutils) Setting Permissions

⇖ Info Catalog ↑ coreutils: Symbolic Modes → coreutils: Copying Permissions
coreutils: Setting Permissions

1 
1 27.2.1 Setting Permissions
1 --------------------------
1 
1 The basic symbolic operations on a file’s permissions are adding,
1 removing, and setting the permission that certain users have to read,
1 write, and execute or search the file.  These operations have the
1 following format:
1 
1      USERS OPERATION PERMISSIONS
1 
1 The spaces between the three parts above are shown for readability only;
1 symbolic modes cannot contain spaces.
1 
1    The USERS part tells which users’ access to the file is changed.  It
1 consists of one or more of the following letters (or it can be empty;
1 ⇒Umask and Protection, for a description of what happens then).
1 When more than one of these letters is given, the order that they are in
1 does not matter.
1 
1 ‘u’
1      the user who owns the file;
1 ‘g’
1      other users who are in the file’s group;
1 ‘o’
1      all other users;
1 ‘a’
1      all users; the same as ‘ugo’.
1 
1    The OPERATION part tells how to change the affected users’ access to
1 the file, and is one of the following symbols:
1 
1 ‘+’
1      to add the PERMISSIONS to whatever permissions the USERS already
1      have for the file;
1 ‘-’
1      to remove the PERMISSIONS from whatever permissions the USERS
1      already have for the file;
1 ‘=’
1      to make the PERMISSIONS the only permissions that the USERS have
1      for the file.
1 
1    The PERMISSIONS part tells what kind of access to the file should be
1 changed; it is normally zero or more of the following letters.  As with
1 the USERS part, the order does not matter when more than one letter is
1 given.  Omitting the PERMISSIONS part is useful only with the ‘=’
1 operation, where it gives the specified USERS no access at all to the
1 file.
1 
1 ‘r’
1      the permission the USERS have to read the file;
1 ‘w’
1      the permission the USERS have to write to the file;
1 ‘x’
1      the permission the USERS have to execute the file, or search it if
1      it is a directory.
1 
1    For example, to give everyone permission to read and write a regular
1 file, but not to execute it, use:
1 
1      a=rw
1 
1    To remove write permission for all users other than the file’s owner,
1 use:
1 
1      go-w
1 
1 The above command does not affect the access that the owner of the file
1 has to it, nor does it affect whether other users can read or execute
1 the file.
1 
1    To give everyone except a file’s owner no permission to do anything
1 with that file, use the mode below.  Other users could still remove the
1 file, if they have write permission on the directory it is in.
1 
1      go=
1 
1 Another way to specify the same thing is:
1 
1      og-rwx
1
⇖ Info Catalog ↑ coreutils: Symbolic Modes → coreutils: Copying Permissions